Security Brief: Ransomware, Sandworm, APT28, UnitedHealth, Brokewell, WP, CrushFTP, Flowmon

Welcome to Security Brief for week 17
#cybernews #cybersecurity #informationsecurity #infosec

OUTLINE:
00:00:00 - Welome
00:00:06 - Ransomware payments drop to record low of 28% in Q1 2024
00:00:54 - Russian Sandworm hackers targeted 20 critical orgs in Ukraine
00:02:10 - Synlab Italia suspends operations following ransomware attack
00:03:02 - Microsoft: APT28 hackers exploit Windows flaw reported by NSA
00:04:12 - UnitedHealth confirms it paid ransomware gang to stop data leak
00:04:58 - DPRK hacking groups breach South Korean defense contractors
00:05:37 - Hackers hijack antivirus updates to drop GuptiMiner malware
00:06:51 - US govt sanctions Iranians linked to government cyberattacks
00:07:44 - ArcaneDoor hackers exploit Cisco zero-days to breach govt networks
00:08:51 - Maximum severity Flowmon bug has a public exploit, patch now
00:10:16 - WP Automatic WordPress plugin hit by millions of SQL injection attacks
00:11:40 - New Brokewell malware takes over Android devices, steals data
00:12:37 - Over 1,400 CrushFTP servers vulnerable to actively exploited bug
00:14:05 - Kaiser Permanente: Data breach may impact 13.4 million patients
00:15:36 - Fake job interviews target developers with new Python backdoor
00:16:16 - The end

Sources:

Ransomware payments drop to record low of 28% in Q1 2024
https://www.bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-of-28-percent-in-q1-2024/

Russian Sandworm hackers targeted 20 critical orgs in Ukraine
https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/

Synlab Italia suspends operations following ransomware attack
https://www.bleepingcomputer.com/news/security/synlab-italia-suspends-operations-following-ransomware-attack/

Microsoft: APT28 hackers exploit Windows flaw reported by NSA
https://www.bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/

UnitedHealth confirms it paid ransomware gang to stop data leak
https://www.bleepingcomputer.com/news/security/unitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak/

DPRK hacking groups breach South Korean defense contractors
https://www.bleepingcomputer.com/news/security/dprk-hacking-groups-breach-south-korean-defense-contractors/

Hackers hijack antivirus updates to drop GuptiMiner malware
https://www.bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/

US govt sanctions Iranians linked to government cyberattacks
https://www.bleepingcomputer.com/news/security/us-govt-sanctions-iranians-linked-to-government-cyberattacks/

CArcaneDoor hackers exploit Cisco zero-days to breach govt networks
https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/

Maximum severity Flowmon bug has a public exploit, patch now
https://www.bleepingcomputer.com/news/security/maximum-severity-flowmon-bug-has-a-public-exploit-patch-now/

WP Automatic WordPress plugin hit by millions of SQL injection attacks
https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/

New Brokewell malware takes over Android devices, steals data
https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/

Over 1,400 CrushFTP servers vulnerable to actively exploited bug
https://www.bleepingcomputer.com/news/security/over-1-400-crushftp-servers-vulnerable-to-actively-exploited-bug/

Kaiser Permanente: Data breach may impact 13.4 million patients
https://www.bleepingcomputer.com/news/security/kaiser-permanente-data-breach-may-impact-134-million-patients/

Fake job interviews target developers with new Python backdoor
https://www.bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/

Follow me:
youtube: @kevnowledgyy
instagram.com @kevnowledgyy
X.com @kevnowledgy